CVE-2002-1871 Information

Description

pkgadd in Sun Solaris 2.5.1 through 8 installs files setuid/setgid root if the pkgmap file contains a ?\ (question mark) in the (1) mode (2) owner or (3) group fields which allows attackers to elevate privileges.

Reference

http://sunsolve.sun.com/search/document.do?assetkey=1-26-45693-1 http://www.iss.net/security_center/static/9544.php http://www.securityfocus.com/bid/5208